ID Document Authenticity Evaluation

DOT Contains set of features that can help detect some of the most common signs of suspicious onboarding attempts.

To provide trusted digital onboarding, it is important not only to verify the user using facial biometrics and liveness, but also to evaluate the authenticity of the identity document. Due to the limitations of smartphone cameras, it is not currently possible to reliably detect all fake or forged documents. For this, a dedicated document scanner is required. However, there are certain features within Digital Onboarding Toolkit (DOT) that help detect some of the most common signs of suspicious onboarding attempts.

Document Authenticity and Photo Capture Method

It is important, that in the onboarding process is no possibility for the user to upload a photo himself. It has to be strictly enforced, that the user takes the photo of the document only using DOT Document Auto Capture component. Being able to upload a photo of document allows the user to do manipulations, that cannot be detected.

Data Consistency

Biometric Validation

This is a core functionality of DOT. Our face algorithm provides age and gender estimation for the person on the selfie photo. This can be validated against the date of birth and gender on the identity document. The cross check of selfie vs document photo confirms that the same person provided the selfie.

Items to be cross-checked vs each other:

Gender indicated on identity documentGender estimated by DOT from selfie
Age calculated from date of birth on identity documentAge estimated by DOT from selfie
Face portrait on identity documentSelfie photo

If there is a significant difference between these and expected values, this can trigger an alert during the process and such cases may be rejected or passed to manual review, based on the workflow configuration.

Biometric validation

Document Data Cross-check

Some identity documents contain Machine Readable Zones (MRZ) and many have contactless RFID chips which can be accessed using NFC-capable smartphones. This provides two additional levels of document authenticity detection, as tampering with the MRZ field requires more advanced knowledge (MRZ zone contains checksums), and data from the RFID chip cannot be modified at all.

Items to be cross-checked vs each other:

Data scanned in the standard text fieldsData scanned in the MRZ
Data scanned in the standard text fieldsData read from the RFID chip

MRZ data cross-check

RFID Chip Authentication

Besides the data cross-check, the eMRTD data can be authenticated using Passive Authentication protocol. Read more in Passive Authentication

Visual Detection of Attacks

Older identity documents may not have RFID chips or an MRZ. DOT Document Server can detect simple document forging including black and white photocopies. It can also detect photos of documents taken from the screen.

Screen Attack Detection

Document server can detect if a photo of ID document was taken from another screen based on the patterns that appear in the photo. This is returned in the response as “displayAttackDetection - genuine”.

Black and white photocopy detection

The response from the Document Server returns a value named “colorProfile - similarityScoreLevel”, and this is VERY LOW and LOW for black and white photocopies. The value may be MEDIUM for genuine documents in case of a low-quality photo or a photo taken under light that casts color.

Example of detected black and white print:

BW photocopy

The results of display attack detection and B&W photocopy detection are returned in the ocr API call.